PRIVACY POLICY

Available information:

• Essential and complete information for members
• Essential and complete information for Managers and Delegates
• Contact information for users and visitors of the website (see below)

---

Website Contact Information

Who are we and what do we do with your personal data?

UST CISL Ferrara hereinafter Data Controller, protects the confidentiality of your personal data and guarantees them the necessary protection from any event that could put them at risk of violation.

To this end, the Data Controller implements policies and practices regarding the collection and use of personal data and the exercise of the rights recognized to you by applicable law. The Data Controller takes care to update the policies and practices adopted for the protection of personal data whenever this becomes necessary and in any case in the event of regulatory and organizational changes that may affect the processing of your personal data.

The Data Controller has appointed a Data Protection Officer (DPO) who you can contact if you have questions about the policies and practices adopted. The contact details of the data protection officer are as follows:

DPO UST CISL Ferrara
Email: dpo.cisl.ferrara@cisl.it

How it collects and processes your data The Holder?

The Owner collects and/or receives information about you, such as: IP address, personal identification data (such as name, surname, e-mail address) released while browsing the site www.cislferrara.it They are used by the Owner to follow up on the management of the site and to follow up on your request to receive information. The communication of your personal data occurs mainly towards third parties and/or recipients whose activity is necessary for the performance of the activities inherent to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not respond to these purposes will be previously submitted to your consent.

Your personal data will not be disclosed or distributed to unspecified parties in any way.

The Owner does not transfer your personal data abroad. Your personal data will not be in any way disseminated or disclosed to unspecified and unidentifiable subjects, even as third parties.

What happens if you don't provide your data?

The personal data that concern you and that identify you are necessary for the purpose of fulfilling the request you submitted through the "contacts" section or, which, if not provided, make it impossible for the Owner to fulfill your requests.

How and for how long is your data stored?

The processing of data concerning you occurs through both electronic and manual means and tools made available to the subjects who act under the authority of the Owner and who are authorised and trained for this purpose.

Personal data are stored, if applicable, in electronic archives protected by effective and adequate security measures to counter the risks of violation considered by the Data Controller. For the time necessary to fulfill the requests for information and sending communications of this exclusive nature that the Data Controller carries out following your request and in any case for a period not exceeding a maximum of 24 months, except in cases where events occur that require the intervention of the competent Authorities, also in collaboration with third parties/recipients who are responsible for the IT security activity of the Data Controller's data, to carry out any investigations into the causes that determined the event.

What are your rights?

In accordance with the limits, especially temporal ones, established for the processing of personal data concerning you, the rights that are recognized to you allow you to always have control over your data. Your rights are those of:

• access;
• rectification;
• cancellation;
• limitation of processing;
• opposition to processing;
• portability.

Your rights are guaranteed to you without any particular burden or formality for the request of their exercise, which is essentially free of charge. You have the right:

• to obtain a copy, including in electronic format, of the data to which you have requested access. Should you request additional copies, the Data Controller may charge you a reasonable fee;
• to obtain the cancellation of the same or the limitation of the processing or even the updating and rectification of your personal data and that third parties/recipients also comply with your request in the event that they receive your data, unless legitimate reasons prevail over those that determined your request (e.g. environmental investigations and containment of the risk determined by the emergency managed through them by the Data Controller);
• to obtain any useful communication regarding the activities carried out following the exercise of your rights without delay and in any case, within one month of your request, unless a motivated extension of up to two months is duly communicated to you.
• For any further information and in any case to send your request you must contact UST CISL Ferrara, at the address ust.ferrara@cisl.it.

Who can you complain to?

Without prejudice to any other administrative or judicial action, you can submit a complaint to the competent supervisory authority or to the one that carries out its duties and exercises its powers in Italy where you have your habitual residence or work or, if different, in the Member State where the violation of Regulation (EU) 2016/679 occurred.